Filter
Top Products
66 Brocade ICX 6650 Security Configuration Guide
53-1002601-01
SSH2 authentication types
NOTE
If you have generated SSH keys on the switch, you should delete and regenerate it when you upgrade
or downgrade the software version before ssh session.
Setting the CPU priority for key generation
Generating the key is a resource-intensive operation. You can set the priority for this operation to
high so that the device allocates more CPU time for this operation. So you must use this option only
when the device is in the maintenance window. This option reduces the time taken for key
generation.
To set high priority for the key generation operation, enter the following command:
Brocade(config)#crypto-gen priority high
Syntax: crypto key crypto-gen priority default | high
The default keyword sets the priority as default. The key generation task is handled with the regular
priority.
The high keyword sets the high priority for the key generation task. Use this option only when the
device is in the maintenance window.
Generating and deleting a DSA key pair
To generate a DSA key pair, enter the following command.
Brocade(config)# crypto key generate dsa
To delete the DSA host key pair, enter the following command.
Brocade(config)# crypto key zeroize dsa
Syntax: crypto key generate | zeroize dsa
The generate keyword places a host key pair in the flash memory and enables SSH on the device, if
it is not already enabled.
The zeroize keyword deletes the host key pair from the flash memory. This disables SSH if no other
server host keys exist on the device.
The dsa keyword specifies a DSA host key pair. This keyword is optional. If you do not enter it, the
command crypto key generate generates a DSA key pair by default, and the command crypto key
zeroize works as described in “Deleting DSA and RSA key pairs” on page 67.
Generating and deleting an RSA key pair
To generate an RSA key pair, enter a command such as the following:
Brocade(config)# crypto key generate rsa modulus 2048
To delete the RSA host key pair, enter the following command.
Brocade(config)# crypto key zeroize rsa
Syntax: crypto key generate | zeroize rsa [modulus modulus-size]